Ten Steps for Securing Privileged Access

In today’s digital world, privileged accounts, credentials and secrets are everywhere—on-premises, in the cloud, on endpoints and across DevOps environments. Security breaches of sensitive data ranging from customer records to intellectual property frequently involve the use of stolen privileged credentials.

Our recently launched “Privileged Access Security for Dummies” eBook educates organizations on how to tighten privileged access security to reduce risk from attackers and malicious insiders. One particularly popular chapter highlights 10 practical steps for reducing privileged access risk. Here is an at-a-glance look at these recommendations. For full details and tips on prioritizing steps to efficiently drive down risk, download a free copy of the eBook today.

  1. Eliminate irreversible network takeover attacks. Don’t let attackers ruin your network and create long-term damage by gaining access to your domain controllers. Move privileged credentials associated with all Tier 0 and Tier 1 assets, such as domain controller accounts, to a centralized and automated system. Implement multi-factor authentication (MFA) to protect it.
  2. Control and secure infrastructure accounts. You must control and secure access to your on-premises and cloud infrastructure accounts, from server admin accounts to database instance accounts, because these are some of the riskiest keys to your IT kingdom. Vault all well-known infrastructure accounts and automatically rotate passwords periodically and after every use.
  3. Limit lateral movement. Attackers follow patterns – stealing credentials and moving laterally across the infrastructure to carry out their goals. To limit attackers’ movement, remove local admin rights on IT Windows workstations to stop credential theft.
  4. Protect credentials for third-party applications. Attackers increasingly target third-party vendors such as business services, management consultants, legal counsel, facilities maintenance support, logistics companies and more as their applications and IT systems are often less sophisticated and their security defenses are easier to infiltrate. To minimize risk, it’s important to vault all privileged credentials used by third-party applications and vendors. Be sure credentials are rotated frequently.
  5. Manage *NIX SSH keys. SSH keys are gold to an external attacker or malicious insider, as they can leverage unmanaged SSH keys to log in with root access and take over the *NIX (Linux and Unix systems) technology stack. Get these keys in a vault ASAP. After vaulting, make sure to routinely rotate them based on policy and employ a solution that enables event notifications and automation to lessen the potential impact of human error.
  6. Defend DevOps secrets in the cloud and on-premises. DevOps teams have the “need for speed.” Make sure their tools and coding methods don’t compromise privileged access security. Vault and automatically rotate all public cloud privileged accounts, keys and API keys. Additionally, secure secrets used by CI/CD tools such as Ansible, Jenkins and Docker in a vault, while allowing them to be retrieved on the fly, automatically rotated and managed.
  7. Secure SaaS admins and privileged business users. Cyber criminals steal credentials used by SaaS administrators and privileged business users to get high-level and stealthy access to sensitive systems. To prevent this kind of attack, isolate all access to shared IDs and require MFA. Also monitor and record sessions of SaaS admins and privileged business users.
  8. Invest in periodic Red Team exercises to test defenses. In order to stay a step ahead of advanced cyber maneuvers, it’s critical to adopt an attacker’s mindset. Whether you hire and operate your own Red Team or hire an outside firm, the drills will be as real as possible. Check out this Q&A with our Head of Red Team Services for tips.
  9. Invest in a tool to periodically measure reduction in privileged security risk. Measurement of risk and maturity is a critical capability. If you aren’t gauging and adjusting for risk and change, you can’t focus and know if you’ve done enough. Measurement tools may be available from your privileged access management solution. There are also solutions in the market available to measure your entire security program against an established framework (such as NIST CSF).
  10. Utilize MFA. Passwords are crackable, findable and sharable. MFA that requires “something you have” and “something you know” exponentially decreases the risk of compromise. It’s important to ensure your privileged access management solution heavily leverages MFA to enhance the protection that you’re investing in.

Together, these 10 steps provide a framework to establish essential privileged access security controls to strengthen your security posture. Implementing a program that leverages these steps can help your organization achieve greater risk reduction in less time and satisfy security and regulatory objectives with fewer internal resources. Read more details in our “Privileged Access Security for Dummies” eBook.

The post Ten Steps for Securing Privileged Access appeared first on CyberArk.
